[Openid-specs-ab] Meeting notes: Re: Proposed agenda for 12-May-25 Connect WG call

chris phillips cjphillips at gmail.com
Tue May 13 02:14:26 UTC 2025 

*Meeting May 12th*

*Attendees:  Naveen, Victor Lu, Chris Phillips, Tom Jones, Dick Hardt,
Edmund Jay, Mike Fraser*

*Main scribe: Chris P*











































*Call to order around 17:05, introductions.See in line for specific
notes...adjust as needed if I missed anything..Chris.--------- Forwarded
message ---------From: Michael Jones via Openid-specs-ab
<openid-specs-ab at lists.openid.net <openid-specs-ab at lists.openid.net>>Date:
Mon, May 12, 2025 at 3:06 PMSubject: [Openid-specs-ab] Proposed agenda for
12-May-25 Connect WG callTo: openid-specs-ab at lists.openid.net
<openid-specs-ab at lists.openid.net> <openid-specs-ab at lists.openid.net
<openid-specs-ab at lists.openid.net>>Cc: Michael Jones
<michael_b_jones at hotmail.com <michael_b_jones at hotmail.com>>I propose this
agenda for today’s OpenID Connect working group call to be held at
https://zoom.us/j/97622169761?pwd=ek5kZUg3QnI1cCt6bTE3QzA3ZVlOQT09
<https://zoom.us/j/97622169761?pwd=ek5kZUg3QnI1cCt6bTE3QzA3ZVlOQT09>.  1.
Introductions2. Antitrust Policy <https://www.openid.net/antitrust> and IPR
Agreement <https://openid.net/wg/connect/> reminders3. Events1. OpenID
Federation Interop, April 28-30, hosted by SUNET <https://www.sunet.se/> in
Stockholm- Recap of the event-
https://openid.net/the-openid-federation-interoperability-event/
<https://openid.net/the-openid-federation-interoperability-event/>-
https://www.linkedin.com/feed/update/urn:li:activity:7327610914856185857/
<https://www.linkedin.com/feed/update/urn:li:activity:7327610914856185857/>MikeJ:
great coverage of the implementations and tests 2. IETF 123 in Madrid, July
19-25, 2025- https://www.ietf.org/meeting/123/
<https://www.ietf.org/meeting/123/> 4. Links to Active Specifications
<https://openid.net/wg/connect/specifications/> and Repositories1. OpenID
Connect Core incorporating errata 3
<https://openid.net/specs/openid-connect-core-1_0-36.html> (repository
<https://bitbucket.org/openid/connect/>)2. OpenID Connect Native SSO for
Mobile Apps <https://openid.net/specs/openid-connect-native-sso-1_0.html>
(repository <https://bitbucket.org/openid/connect>)3. OpenID Federation
<https://openid.net/specs/openid-federation-1_0.html> (repository
<https://github.com/openid/federation>)4. OpenID Federation Extended
Subordinate Listing
<https://openid.net/specs/openid-federation-extended-listing-1_0.html>
(repository <https://github.com/openid/federation-extended-listing>)5.
OpenID Federation Wallet Architectures
<https://openid.net/specs/openid-federation-wallet-1_0.html> (repository
<https://github.com/openid/federation-wallet>)6. OpenID Connect Relying
Party Metadata Choices
<https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html>
(repository <https://github.com/openid/rp-metadata-choices>)7. OpenID
Provider Commands
<https://openid.net/specs/openid-provider-commands-1_0.html> (repository
<https://github.com/openid/openid-provider-commands>)5. OpenID Connect
Relying Party Metadata Choices
<https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html>1.
WGLC for proposed Implementer’s Draft ended on Thursday, May 8, 2025 with
only support2. Time to start 45-day Foundation-wide review for
Implementer’s Draft statusMikeJ: 19:14 brought forward the need for getting
more visibility on the topic and need for a implementer’s draft. 6. OpenID
Connect Claims Aggregation
<https://openid.net/specs/openid-connect-claims-aggregation-1_0.html>1.
https://bitbucket.org/openid/connect/pull-requests/745
<https://bitbucket.org/openid/connect/pull-requests/745> removing content
overlapping OpenID4VC was mergedMikeJ:19:15:  Discussion about the merge
down and the rendering – Edmund Jay has some refreshes on the problems on
syntax collisions. MikeJ to do another merge build and publishing.Edmund
Jay - seeking link to the tools – in the readme in the link aggregation..
Edmund to take a look 2. Currently doesn’t build3. Need to perform spec
content checks per
https://github.com/openid/publication/blob/main/README.md
<https://github.com/openid/publication/blob/main/README.md>4. Then time to
publish -03 to openid.net/specs/ <http://openid.net/specs/> 7. OpenID
Provider Commands
<https://openid.net/specs/openid-provider-commands-1_0.html>1. last_access
claim - https://github.com/openid/openid-provider-commands/pull/21
<https://github.com/openid/openid-provider-commands/pull/21>2. asynchronous
commands - https://github.com/openid/openid-provider-commands/pull/21
<https://github.com/openid/openid-provider-commands/pull/21>3. use subject
identifiers instead sub -
https://github.com/openid/openid-provider-commands/issues/17
<https://github.com/openid/openid-provider-commands/issues/17>DickH: 19:18
- item 21 – a property in the response – 2 different origins of the request
for the same thing - IdPro, tailscale event .. intent is around principle
of least privilege and use of the field for. Dialogue MJ expecting a time
value.. Yes, DH that it’s a time value. (see pull request) the time request
is around the last access. Discussion about the freshness of the value and
it’s at the issuance of the token so it’s minted at time of
request.Dialogue of items in issue tracker around 7 and 5 (not the ones
above), and https://github.com/openid/openid-provider-commands/pull/20
<https://github.com/openid/openid-provider-commands/pull/20>DickH can
responses be async from discussions on list and IIW. The OP knows ahead of
time whether or not the response needs to be async or sync(hronous). More
discussion around logistics on the call back token on the RP to the OP for
another metadata command to get in sync with the metadata (I know i’m not
doing justice to this as scribe) How can the RP let the OP.Wanted to have a
way to work without client credentials. DickH was seeking more dialogue
with George Fletcher who has commented on pull request. DickH’s comments
were around the notion that it may be along the lines of an access
token. DickH: will ask for this on agenda in 2 weeks to intersect with the
commenters (GeorgeF)DickH: still seeking more feedback on the subjected
identifiers instead of sub. MikeJ: aim for consistency. There’s a
consistency challenge of alignment between OpenID Connect vs shared signals
use patterns. To be reviewed after call for next call. 8. OpenID Federation
Extended Subordinate Listing
<https://openid.net/specs/openid-federation-extended-listing-1_0.html>1.
Draft -02 published with multiple editorial improvementsMikeJ:19:34: Not
tested at interop in person and needed for interop testing in the future.
9. OpenID Federation
<https://openid.net/specs/openid-federation-1_0.html>1. We’re down to 24
open issues, ~15 of which require actions to finish the spec- (The other 9
propose extension specifications, post-final work, or reviewing the
text)MikeJ:19:38: Dialogue around the
https://github.com/openid/federation/issues/214
<https://github.com/openid/federation/issues/214> and item 212Different
aspects of what the actual problems are and the attendees on the call were
not able to get to sufficient depth on the items (212, 214). Michael F
commented on items about different between JWTs vs longevity of what things
may mean over a long period of time (years).  Needs more dialogue for
better understanding. 10. OpenID Connect Native SSO for Mobile Apps
<https://openid.net/specs/openid-connect-native-sso-1_0.html>1. Any
updates?11. Possible new draft1. OpenID Enterprise Extensions -
https://github.com/dickhardt/enterprise-extensions
<https://github.com/dickhardt/enterprise-extensions>DickH:19:40: walk
through of the enterprise extensions and offering more information about
the contents of the extensions.  Discussed in other venues like IPSIE as
well as this venue. Dialogue on adjusting and fine tuning the title and
focus on OpenID Connect.MikeJ: Contribution needs a note sent to the list
with attachmentCall out about and further items and none provided.Adjourned
19:55*




___________________________________________________________________________________________

chris at chrisphillips.ca | https://www.linkedin.com/in/chris-phillips-cidpro/


On Mon, May 12, 2025 at 3:06 PM Michael Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> I propose this agenda for today’s OpenID Connect working group call to be
> held at https://zoom.us/j/97622169761?pwd=ek5kZUg3QnI1cCt6bTE3QzA3ZVlOQT09
> .
>
>
>
>    1. Introductions
>    2. Antitrust Policy <https://www.openid.net/antitrust> and IPR
>    Agreement <https://openid.net/wg/connect/> reminders
>    3. Events
>       1. OpenID Federation Interop, April 28-30, hosted by SUNET
>       <https://www.sunet.se/> in Stockholm
>          - Recap of the event
>          -
>          https://openid.net/the-openid-federation-interoperability-event/
>          -
>          https://www.linkedin.com/feed/update/urn:li:activity:7327610914856185857/
>       2. IETF 123 in Madrid, July 19-25, 2025
>          - https://www.ietf.org/meeting/123/
>       4. Links to Active Specifications
>    <https://openid.net/wg/connect/specifications/> and Repositories
>       1. OpenID Connect Core incorporating errata 3
>       <https://openid.net/specs/openid-connect-core-1_0-36.html> (
>       repository <https://bitbucket.org/openid/connect/>)
>       2. OpenID Connect Native SSO for Mobile Apps
>       <https://openid.net/specs/openid-connect-native-sso-1_0.html> (
>       repository <https://bitbucket.org/openid/connect>)
>       3. OpenID Federation
>       <https://openid.net/specs/openid-federation-1_0.html> (repository
>       <https://github.com/openid/federation>)
>       4. OpenID Federation Extended Subordinate Listing
>       <https://openid.net/specs/openid-federation-extended-listing-1_0.html>
>       (repository <https://github.com/openid/federation-extended-listing>)
>       5. OpenID Federation Wallet Architectures
>       <https://openid.net/specs/openid-federation-wallet-1_0.html> (
>       repository <https://github.com/openid/federation-wallet>)
>       6. OpenID Connect Relying Party Metadata Choices
>       <https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html>
>       (repository <https://github.com/openid/rp-metadata-choices>)
>       7. OpenID Provider Commands
>       <https://openid.net/specs/openid-provider-commands-1_0.html> (
>       repository <https://github.com/openid/openid-provider-commands>)
>    5. OpenID Connect Relying Party Metadata Choices
>    <https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html>
>       1. WGLC for proposed Implementer’s Draft ended on Thursday, May 8,
>       2025 with only support
>       2. Time to start 45-day Foundation-wide review for Implementer’s
>       Draft status
>    6. OpenID Connect Claims Aggregation
>    <https://openid.net/specs/openid-connect-claims-aggregation-1_0.html>
>       1. https://bitbucket.org/openid/connect/pull-requests/745 removing
>       content overlapping OpenID4VC was merged
>       2. Currently doesn’t build
>       3. Need to perform spec content checks per
>       https://github.com/openid/publication/blob/main/README.md
>       4. Then time to publish -03 to openid.net/specs/
>    7. OpenID Provider Commands
>    <https://openid.net/specs/openid-provider-commands-1_0.html>
>       1. last_access claim -
>       https://github.com/openid/openid-provider-commands/pull/21
>       2. asynchronous commands -
>       https://github.com/openid/openid-provider-commands/pull/21
>       3. use subject identifiers instead sub -
>       https://github.com/openid/openid-provider-commands/issues/17
>    8. OpenID Federation Extended Subordinate Listing
>    <https://openid.net/specs/openid-federation-extended-listing-1_0.html>
>       1. Draft -02 published with multiple editorial improvements
>    9. OpenID Federation
>    <https://openid.net/specs/openid-federation-1_0.html>
>       1. We’re down to 24 open issues, ~15 of which require actions to
>       finish the spec
>          - (The other 9 propose extension specifications, post-final
>          work, or reviewing the text)
>       10. OpenID Connect Native SSO for Mobile Apps
>    <https://openid.net/specs/openid-connect-native-sso-1_0.html>
>       1. Any updates?
>    11. Possible new draft
>       1. OpenID Enterprise Extensions -
>       https://github.com/dickhardt/enterprise-extensions
>    12. AOB
>
>
>
>                                                                 -- Mike
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250512/346c510c/attachment-0001.htm>

More information about the Openid-specs-ab mailing list